Case Study:Kurabais a ride-hailing company based in the UK. The company has recently exceeded $500 million in revenue (2020) and now employs over 5,000 people. Given the platform’s efficiency in delivering services on-location, such as a taxi service app, the company’s digital labour platform has played a significant role in their recent success. However, the company recently faced a series of information challenges that raised various information security risks, such as a system breach that exposed personal information toonline attackers. The root cause of this issue was a misalignment between business and IT strategy, in which outdated security features of the digital labour platform had led to the breach. Despite the IT department’s enquiries to update the platform, which first needs approval from senior management, the IT department’s efforts have come to no avail due to the lack of response. Therefore, the maintenance requirements and inflexibility of the outdated system had left the IT department in handcuffs, preventing them from providing the company with modern strategies and solutions to minimise information security risk. However, recently, senior management have been pressurised by the IT department to tackle this problem in the event of the recent information breach. This, as well as being heavily fined by the Information Commissioner’s office for the recent security blunder, senior management have finally responded to the IT department’s enquiries and requests a report that proposes a potential information security solution. Accordingly, the company has requested your assistance as a business IT consultant in developing an alternative information security strategy to reform the company’s digital labour platform.
Your Task
Considering the above case study, your task is to critically assess the information risks/challenges of the existing system to determine the deeper reasons why the information breach occurred. Based on these risks, devise a contemporary information systems/security strategy report to the company, considering the alignment of business and IT strategy(2,500 words).
Use appropriate risk methodologies to support your analysis, while making appropriate recommendations where necessary.
